Checkmarx / red-lili
This open-source project tracks RED-LILI's activity over time as there are evidence the actor is still active. All information provided here is intended for research purposes.
☆11Updated last year
Related projects ⓘ
Alternatives and complementary repositories for red-lili
- Static Token And Credential Scanner☆95Updated last year
- Proof-of-concept code for research into GitHub Actions Cache poisoning.☆22Updated 3 months ago
- CveXplore☆33Updated 3 months ago
- Semgrep rules corresponding to the OWASP ASVS standard☆27Updated 4 years ago
- Quick WAF "paranoid" Doctor Evaluation | WAFPARAN01D3 Tool☆25Updated 3 years ago
- Paper, data and code from Investigating Potential Security Vulnerability Manifestation through Various Analyses & Inferences Regarding In…☆18Updated 3 years ago
- Lab that will help you to understand how type juggling vulnerability works.☆22Updated 4 years ago
- Reference architecture and proof of concept implementation for supply chain security gateway☆23Updated last year
- Maturity Model Collaborative project☆14Updated last year
- DNS File EXfiltration☆46Updated 7 months ago
- Autoconfigured ELK Stack That Contains All EPSS and NVD CVE Data☆47Updated 4 months ago
- Adds extensibility to Burp by using a list of payloads to pattern match on HTTP responses highlighting interesting and potentially vulner…☆15Updated last year
- A central place to keep track of relevant BountyMachine talks, blogs, and interesting things!☆33Updated 6 years ago
- Burp Suite Extension to monitor new scope☆17Updated 3 years ago
- Tool to predict attacker groups from the techniques and software used☆49Updated 3 years ago
- CVE.ICU code.☆34Updated this week
- A regular expression fuzzer.☆43Updated 6 years ago
- Shell script to obtain information from https://crt.sh☆27Updated 7 years ago
- AWS Security Checks☆36Updated 6 years ago
- A collection of my Semgrep rules☆47Updated last year
- a shared short domain for XSS and other hacks☆31Updated 2 years ago
- PoC: Python package static and dynamic analysis to detect environment variable stealing☆10Updated 3 years ago
- Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities)☆22Updated 4 months ago
- Kubernetes Scanner☆41Updated 2 years ago
- A playground to practice SSRF Attacks against web apps☆17Updated 6 years ago
- Burp extension to generate multi-step CSRF POC.☆29Updated 5 years ago
- Extensive code infrastructure for finding unintended information leaks in files, git repositories and much more.☆28Updated 2 years ago
- A multi-threaded scanner that helps identify CORS flaws/misconfigurations☆18Updated 5 years ago
- Static code search python lib☆18Updated 4 years ago
- Find which of your direct GitHub dependencies is susceptible to RepoJacking attacks☆57Updated 2 years ago